A method is disclosed for the
authentication of applications both at the time of their downloading, as well as at the time of their execution. At least one application works in an equipment connected by a network to a control
server, the equipment being locally connected to a security module. The application is loaded and / or executed via an application execution environment of the equipment and uses resources stored in the security module. The
authentication method includes reception by the control
server, via the network, of data including at least the identifier of the equipment and the identifier of the security module, analysis and
verification by the control
server of the data; generation of a
cryptogram including a digest of the application, data identifying the equipment and the security module and instructions intended for the module; transmission of the
cryptogram, via the network and the equipment, to the security module; and
verification of the application by comparing the digest extracted from the
cryptogram received with a digest determined by the security module. Further, said method further comprising steps wherein, during the initialization and / or the activation of the application, the security module executes the instructions extracted from the cryptogram, to at least one of release and block the access to certain resources of the security module according to the result of the
verification suited to this application carried out previously.